<?php
@session_start();
require_once('../config/config.php');
require_once('../utils/CommonUtils.php');
require_once('../utils/DBUtils.php');
include ("../utils/Constants.php");
require_once('../utils/BaseDAO.php');
require("../utils/Session.php");

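// Access gate: only a request that carries a logged-in session may go any further.
$commonUtils = new CommonUtils();
$onlineUser = Session::get('fullname');
if ($onlineUser == null) {
	$commonUtils->redirect("../login.php");
	// Stop here whether or not redirect() ends the script on its own. Without this,
	// an unauthenticated POST would still run the create/update handler further down
	// and only the response would be a redirect.
	exit;
}
// NOTE(review): the check above only proves that somebody is logged in. This page
// creates accounts and sets the "isuser" (administrator) flag, so it presumably needs
// an administrator-only check as well — confirm whether one exists elsewhere.
$baseDAO = new BaseDAO();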

// Collect every field of the user form in one pass. getParameter() is not visible
// here; it presumably reads the HTTP request, so all of these values are to be
// treated as client-controlled until validated ($menus is expected to be an array
// of menu ids, the rest scalars).
list(
	$action,
	$username,
	$password,
	$fullname,
	$email,
	$status,
	$isuser,
	$id,
	$menus
) = array_map(
	array($commonUtils, 'getParameter'),
	array("action", "username", "password", "fullname", "email", "status", "isuser", "id", "menus")
);

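// Create or update a user account from the submitted form.
//
// Outcome is reported through $message (shown by the form below); a failed write
// aborts the request. On success $id holds the id of the saved user so that the
// record can be reloaded afterwards.
//
// NOTE(review): no anti-CSRF token is checked in this handler, although it creates
// accounts and assigns the administrator flag — confirm whether a token is enforced
// elsewhere (e.g. in an included file).
if (isset($action) && $action == 'insert-update') {
	if (isset($username) && $username != "" &&
		isset($password) && $password != "" &&
		isset($fullname) && $fullname != "" &&
		isset($email) && $email != "") {

		// Optional avatar upload.
		// NOTE(review): type/extension/size validation and the choice of the stored
		// file name happen inside uploadAndResizeImage()/imgUpload, which are not
		// visible here — verify that the client-supplied name is never used as-is
		// and that only image content is accepted.
		$imgfile = (isset($_FILES['vImage']['name']) ? $_FILES['vImage']['name'] : "");
		if ($imgfile != "") {
			include ('../utils/class.upload.php');
			$imgUpload = new imgUpload($AVA_PATH, $AVA_PATH, $AVA_TEMP_PATH, 100);
			$imgfiles = $commonUtils->uploadAndResizeImage($imgUpload, 200, 200);
			// A failed upload must not leave the original client file name in $imgfile.
			$imgfile = isset($imgfiles[0]) ? $imgfiles[0] : "";
		}

		// $retval starts out true so that the "duplicate username" paths, which do
		// not write anything, show their message instead of hitting the failure
		// branch below with an undefined variable.
		$retval = true;
		$saved = false;

		// The id arrives from the request; reduce it to an integer before it is
		// handed to any DAO call (this file builds at least one SQL condition by
		// string concatenation, so the raw value must not travel further).
		$userId = is_scalar($id) ? (int) $id : 0;

		if ($userId > 0) {
			// ---- update an existing user
			$id = $userId;
			$dbl = $baseDAO->checkDuplicate("user", "username", $username, $id);
			if ($dbl > 0) {
				$message = "Tên đăng nhập này đã tồn tại";
			} else {
				// The edit form round-trips the stored hash in the password field, so
				// an unchanged value means "keep the current password". Compare as
				// strings with !== : a loose != treats two numeric-looking strings
				// (e.g. "0e..." hashes) as equal and would then store the submitted
				// value without hashing it.
				// NOTE(review): anyone who knows a stored hash can submit it verbatim;
				// a separate "change password" field would avoid exposing the hash.
				$item = $baseDAO->getItem("user", array("password"), $id);
				if ((string) $item["password"] !== (string) $password) {
					// NOTE(review): unsalted SHA-1 is not suitable for password storage.
					// Left unchanged because the login check (not visible here) must
					// agree with it; migrate both to password_hash()/password_verify().
					$password = sha1($password);
				}

				$columns = array("id", "username", "password", "fullname", "email", "status", "isuser");
				$values = array($id, $username, $password, $fullname, $email, $status, $isuser);
				if ($imgfile != "") {
					$columns[] = "avatar";
					$values[] = $imgfile;
				}
				$retval = $baseDAO->update("user", $columns, $values);
				$message = "Cập nhật thành công";

				if ($retval) {
					// Existing grants are replaced wholesale by the submitted selection.
					$baseDAO->del("user_menu", $id, "userid");
					$saved = true;
				}
			}
		} else {
			// ---- create a new user
			$dbl = $baseDAO->checkDuplicate("user", "username", $username);
			if ($dbl > 0) {
				$message = "Tên đăng nhập này đã tồn tại";
			} else {
				// NOTE(review): same unsalted SHA-1 concern as in the update path.
				$columns = array("username", "password", "fullname", "email", "status", "isuser");
				$values = array($username, sha1($password), $fullname, $email, $status, $isuser);
				if ($imgfile != "") {
					$columns[] = "avatar";
					$values[] = $imgfile;
				}
				$retval = $baseDAO->create("user", $columns, $values);
				$message = "Thêm mới thành công";

				if ($retval) {
					// getItem() is used elsewhere in this file as returning a row keyed
					// by column name, so take the "id" column rather than using the
					// whole row as the user id.
					$created = $baseDAO->getItem("user", array("id"), $username, "username");
					$id = (is_array($created) && isset($created["id"])) ? $created["id"] : $created;
					$saved = true;
				}
			}
		}

		if (!$retval) {
			// Driver error text goes to the server log, not into the response.
			error_log('user insert/update failed' . (function_exists('mysql_error') ? ': ' . mysql_error() : ''));
			die('Could not insert or update data');
		}

		// Per-menu permissions are only assigned to non-admin users.
		// NOTE(review): $menus comes from the request; whether create() binds its
		// values or concatenates them is not visible here — confirm.
		if ($saved && isset($isuser) && $isuser == 0) {
			if (isset($menus) && is_array($menus)) {
				foreach ($menus as $menuid) {
					$baseDAO->create("user_menu", array("userid", "menuid"), array($id, $menuid));
				}
			}
		}

	} else {
		$message = "Vui lòng nhập đủ các thông tin bắt buộc";
	}
}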

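// When an id is present, reload the stored record so the form shows what is in the
// database, then fetch the list of menus for the permission checkboxes.
//
// $id may be a raw request value, or (after a create) a row array returned by
// getItem(); either way it is reduced to an integer before use, because the
// user_menu condition below is assembled by string concatenation.
$editId = 0;
if (is_array($id) && isset($id['id'])) {
	$editId = (int) $id['id'];
} elseif (is_scalar($id)) {
	$editId = (int) $id;
}

if ($editId > 0) {
	$id = $editId;
	$result = $baseDAO->getItem("user", array("id", "username", "password", "fullname", "email", "status", "isuser", "avatar"), $id);
	if (!$result) {
		// Keep driver error text in the server log rather than in the page.
		error_log('user lookup failed' . (function_exists('mysql_error') ? ': ' . mysql_error() : ''));
		echo 'Could not run query';
		exit;
	}
	$username = $result['username'];
	// The stored password hash is loaded because the form round-trips it to detect
	// an unchanged password on submit.
	$password = $result['password'];
	$fullname = $result['fullname'];
	$email = $result['email'];
	$status = $result['status'];
	$isuser = $result['isuser'];
	$avatar = $result['avatar'];

	// Map of granted menu ids (id => id), used for the "checked" state of each box.
	$user_menus = $baseDAO->getItems("user_menu", array("menuid"), "userid=" . $id);
	if (is_array($user_menus)) {
		foreach ($user_menus as $ur) {
			$userMenus[$ur['menuid']] = $ur['menuid'];
		}
	}
}
$menus = $baseDAO->getItems("menu", array("id", "name"));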
?>
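<html>
	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
		<meta http-equiv="X-UA-Compatible" content="IE=100" >
		<title>NguyenDau - Quản lý người dùng</title>
		<link rel="stylesheet" type="text/css" href="../css/diary.css"/>
		<script src="../js/jquery-1.7.2.min.js"></script>
	</head>
	<body>
		<?php include '../include/header.php';?>
		<center>
			<div class="content">
				<?php
				// Every dynamic value below is HTML-escaped at the point of output:
				// the fields hold request or database content, and PHP_SELF reflects
				// the request path, so none of them may reach the markup unescaped.
				?>
				<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'); ?>" method="post" name="formlogin" enctype="multipart/form-data" >
					<div class="tableHeader">
						Quản lý người dùng
					</div>
					<?php if(isset($message)){?>
						<div class="infomessage"><?php echo htmlspecialchars((string) $message, ENT_QUOTES, 'UTF-8'); ?></div>
					<?php }?>
					<table class="lineheight26">
						<tr>
							<td width="150px;">Tên đăng nhập<span class="required">*</span></td>
							<td><input type="text" name="username" value="<?php if(isset($username)){echo htmlspecialchars((string) $username, ENT_QUOTES, 'UTF-8');}?>" /></td>
						</tr>
						<tr>
							<td>Mật khẩu<span class="required">*</span></td>
							<?php
							// NOTE(review): when editing, $password is the stored hash, so the
							// hash is sent to the browser in this field. The update handler
							// relies on that round trip to detect an unchanged password;
							// replacing it with an optional "new password" field would keep
							// the hash server-side.
							?>
							<td><input type="password" name="password" value="<?php if(isset($password)){echo htmlspecialchars((string) $password, ENT_QUOTES, 'UTF-8');}?>" /></td>
						</tr>
						<tr>
							<td>Họ tên<span class="required">*</span></td>
							<td><input type="text" name="fullname" value="<?php if(isset($fullname)){echo htmlspecialchars((string) $fullname, ENT_QUOTES, 'UTF-8');}?>" /></td>
						</tr>
						<tr>
							<td>Email<span class="required">*</span></td>
							<td><input type="text" name="email" value="<?php if(isset($email)){echo htmlspecialchars((string) $email, ENT_QUOTES, 'UTF-8');}?>" /></td>
						</tr>
						<tr>
							<td>Tình trạng</td>
							<td>
								<input type="radio" name="status" value="1" <?php if(isset($status) && $status == 1){echo "checked";}?>/>Kích hoạt
								<input type="radio" name="status" value="0" <?php if(!isset($status) || $status == 0){echo "checked";}?>/>Khóa
							</td>
						</tr>
						<tr>
							<td>Hình đại diện</td>
							<td>
								<input type="file" name="vImage" id="vImage" />
								<?php if(isset($avatar)){?>
									<br/><img src="../images/avatar/<?php echo htmlspecialchars((string) $avatar, ENT_QUOTES, 'UTF-8');?>"/>
								<?php }?>
							</td>
						</tr>
						<tr>
							<td>Thuộc nhóm</td>
							<td>
								<input type="radio" name="isuser" value="1" <?php if(isset($isuser) && $isuser == 1){echo "checked";}?>/>Quản trị 
								<input type="radio" name="isuser" value="0" <?php if(!isset($isuser) || $isuser == 0){echo "checked";}?>/>Biên tập
							</td>
						</tr>
						<tr>
							<td>Quyền hạn</td>
							<td>
								<div id="gr0" class="selectrole">
									<?php foreach($menus as $menu){?>
										<p><span><input type="checkbox" name="menus[]" value="<?php echo htmlspecialchars((string) $menu["id"], ENT_QUOTES, 'UTF-8');?>" <?php if(isset($userMenus) && isset($userMenus[$menu['id']])){echo 'checked=checked';}?> /></span>
										<span><?php echo htmlspecialchars((string) $menu["name"], ENT_QUOTES, 'UTF-8'); ?></span></p>
									<?php }?>
								</div>
								<div id="gr1" class="selectrole" style="display:none;">Được truy cập tất cả các tính năng</div>
							</td>
						</tr>
						<tr>
							<td></td>
							<td>
								<input type="submit" value="Đồng ý"/>
								<input type="button" value="Trở vể" onclick="window.location='./user-list.php'"/>
							</td>
						</tr>
					</table>
					<?php // Only a scalar id is echoed; anything else leaves the field empty. ?>
					<input type="hidden" name="id" value="<?php if(isset($id) && is_scalar($id)){echo htmlspecialchars((string) $id, ENT_QUOTES, 'UTF-8');}?>"/>
					<input type="hidden" name="action" value="insert-update">
					<script type="text/javascript">
					// Show the per-menu checkboxes for editors (isuser = 0) and the
					// "all features" notice for administrators (isuser = 1).
					$(function(){
						<?php if(isset($isuser) && $isuser == 1){?>
							$("#gr0").attr("style", "display:none");
							$("#gr1").attr("style", "display:block");
						<?php }?>
						
						$("input[name='isuser']").change(function(){
							var group = $("input[name='isuser']:checked").val();
							if(group == 0){
								$("#gr0").attr("style", "display:block");
								$("#gr1").attr("style", "display:none");
							}else{
								$("#gr0").attr("style", "display:none");
								$("#gr1").attr("style", "display:block");
							}
						});
					});
					</script>
				</form>		
			</div>
		</center>
		<?php include '../include/footer.php';?>
	</body>
</html>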

